New Report: North Korea’s Cyber Army Allegedly Stole $3 Billion in Crypto to Fund Nuclear Program

North Korea’s cyber army has stolen $3 billion in cryptocurrencies, with 50% of the funds being used to fund the country’s ballistic missile program. 

According to a recent analysis by The Wall Street Journal, state-sponsored hackers from North Korea have netted more than $3 billion from crypto thefts over the past five years.

The stolen funds have been supplying roughly half of North Korea’s ballistic missile program, with defense accounting for a significant portion of the country’s expenditure. 

The report noted that North Korean hacking groups account for a huge portion of illicit cyber activities, as well as some of the biggest crypto heists ever. 

For one, the North Korean Lazarus group of hackers is believed to be behind the hack of Axie Infinity’s Ronin blockchain, which saw hackers make off with about $625 million worth of Ethereum and USDC in one of the largest crypto hacks of all time. 

“When you look at the amount of funds stolen, [it] would look like an existential threat to what you are building,” Aleksander Larsen, chief operating officer at Sky Mavis, told the WSJ.

The gaming company lost the funds after North Korean hackers reached out as a recruiter to an engineer. 

A Trojan Horse, a malicious computer code software that gave hackers access to Sky Mavis and its customers, was implanted onto the engineer’s computer, which was then used to gain access to private keys required for validating transactions.

The big crypto thefts even caught the attention of the US government, which intensified its focus on countering such attacks. 

In April, the US Treasury revealed that North Korean hackers and scammers exploit loopholes in the decentralized finance (DeFi) space to launder money and hide criminal activity.

North Korean Hackers Shift Focus to Generating Cash

North Koreans’ focus has moved from espionage or attack capabilities for traditional geopolitical purposes to generating cash. 

They have also become more technically proficient. The skill of North Korea’s cybercriminals has impressed US officials and researchers, as they have pulled off elaborate maneuvers that have not been observed anywhere else. 

It is believed that thousands of IT workers, including government officials and freelance Japanese blockchain developers, part of a ‘shadow workforce,’ are linked to the regime’s cybercrime operations. 

International experts have long alleged North Korea to be sourcing funds through a digital bank-robbing army to evade harsh sanctions. 

The North Koreans’ focus on cyber theft has resulted in heists like the $81 million stolen from the central bank of Bangladesh in 2016. 

North Korea has also made over $100,000 from a quickly spreading worm called WannaCry, but nothing has been as profitable as their string of attacks on crypto, which began in earnest in 2018. 

More recently, hackers linked to North Korea pulled off a cascading supply-chain attack. 

They used this to break into software makers one at a time and corrupted their products to gain access to the computer systems of their customers.

Security researchers have said that this was a first-of-its-kind attack that saw Trading Technologies as the victim. 

A corrupted version of Trading Technologies’ product was subsequently downloaded by an employee of 3CX, a software development company. The North Koreans then used access to 3CX systems to corrupt that firm’s software. 

From there, the North Koreans attempted to break into 3CX customers, including cryptocurrency exchanges, the WSJ report said.